Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS32519.roa
File:                     AS32519.roa (raw, json)
Hash identifier:          Nvk8U9PT6U89tC0ogQy6mE3gj4WOKlG1tSfsz27BwGQ=
Subject key identifier:   6C:B6:3B:B8:EE:11:AD:88:3A:3F:DE:CA:4F:3C:8F:E4:30:28:5E:73
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       2A6FCD8EA5D5FDCDECE08539ABED6BEF8A593821
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS32519.roa
Signing time:             Wed 22 Oct 2025 21:31:20 +0000
ROA not before:           Wed 22 Oct 2025 21:26:20 +0000
ROA not after:            Wed 21 Oct 2026 21:31:20 +0000
asID:                     32519
IP address blocks:        45.11.104.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 28 Oct 2025 14:58:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:6f:cd:8e:a5:d5:fd:cd:ec:e0:85:39:ab:ed:6b:ef:8a:59:38:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 22 21:26:20 2025 GMT
            Not After : Oct 21 21:31:20 2026 GMT
        Subject: CN=6CB63BB8EE11AD883A3FDECA4F3C8FE430285E73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:be:4f:40:0a:c8:c4:3f:d9:c6:f7:40:7d:cc:
                    54:04:41:3e:da:9c:8c:9c:c6:ca:e5:9c:bb:3b:29:
                    48:fc:e1:f1:b6:a0:35:b0:b6:da:5f:b1:32:80:32:
                    e9:e9:45:c3:9b:bb:10:ba:70:4c:8b:f9:61:b8:08:
                    3e:d8:50:bd:03:e4:5d:a4:d8:6a:81:88:33:c2:94:
                    3e:71:97:d7:36:ed:72:f1:70:65:d5:bb:68:4e:3d:
                    9e:68:4c:cb:0c:d4:11:b7:73:92:b0:50:1d:4d:7a:
                    13:13:53:22:da:e9:af:42:fa:e7:ae:b0:ef:18:24:
                    a8:26:99:59:e0:98:f6:a0:ea:d3:0f:2f:2a:ed:36:
                    ad:57:50:9a:e8:83:35:91:9f:51:f1:6e:15:b0:bf:
                    61:53:d5:94:6d:b4:39:98:dc:23:0b:30:b7:21:95:
                    3d:d7:48:f4:fa:1d:58:d6:dd:2a:3d:89:11:4a:08:
                    a3:37:3c:e0:a1:65:71:96:3c:2f:3e:20:f4:cd:32:
                    7d:15:03:a3:10:32:54:fc:d9:da:17:9a:3c:c5:03:
                    2b:f0:49:1b:44:6c:05:f9:47:20:bd:f8:12:4d:74:
                    ab:1a:ca:43:e8:d2:00:8a:4e:52:e6:11:0a:29:ce:
                    8a:a3:06:18:3c:e4:b3:2f:e2:78:d0:17:7d:65:49:
                    b1:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:B6:3B:B8:EE:11:AD:88:3A:3F:DE:CA:4F:3C:8F:E4:30:28:5E:73
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS32519.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         79:75:08:e6:1b:37:57:4b:e6:86:9d:74:9e:a5:10:54:61:25:
         5b:3d:8f:90:78:48:0a:9c:d7:bb:39:b5:e9:4f:0b:24:b0:fc:
         dd:45:be:a0:2d:15:93:72:01:db:41:1a:66:8a:a0:89:41:39:
         bc:1c:04:9e:8f:9a:72:d8:d7:8f:de:b7:ed:fb:af:8b:1f:69:
         2e:01:77:b9:c2:de:15:ad:0d:9e:54:33:44:a9:c4:db:e9:94:
         e3:fd:c2:5f:ac:df:ad:7e:76:75:30:af:6f:7a:8a:bc:b9:ee:
         4c:f0:a3:cb:4e:7e:69:17:f2:4d:a0:22:77:ef:ea:25:e0:f3:
         99:df:47:89:12:34:f1:15:68:12:48:0b:12:95:1b:19:c3:34:
         25:68:0c:53:e3:30:02:27:7e:ee:06:be:9a:12:37:50:b1:e6:
         df:53:78:de:cd:82:93:d6:59:5e:24:a4:5c:24:30:a4:d6:91:
         3d:4a:90:6f:45:1d:cb:ec:90:85:c2:71:00:28:48:1a:29:2b:
         1d:f7:7b:15:a1:f2:0f:ab:e6:b2:eb:e8:35:49:5b:b0:72:ab:
         3f:cc:30:ed:ae:4a:72:9e:05:61:ee:9d:ad:5a:4e:1c:25:11:
         a5:bc:ee:2d:09:23:48:1b:bc:33:fc:62:f3:e2:8b:82:1a:41:
         dc:a5:82:8f
-----BEGIN CERTIFICATE-----
MIIEmzCCA4OgAwIBAgIUKm/NjqXV/c3s4IU5q+1r74pZOCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjIyMTI2MjBaFw0yNjEwMjEyMTMxMjBaMDMxMTAvBgNV
BAMTKDZDQjYzQkI4RUUxMUFEODgzQTNGREVDQTRGM0M4RkU0MzAyODVFNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/vk9ACsjEP9nG90B9zFQEQT7a
nIycxsrlnLs7KUj84fG2oDWwttpfsTKAMunpRcObuxC6cEyL+WG4CD7YUL0D5F2k
2GqBiDPClD5xl9c27XLxcGXVu2hOPZ5oTMsM1BG3c5KwUB1NehMTUyLa6a9C+ueu
sO8YJKgmmVngmPag6tMPLyrtNq1XUJrogzWRn1HxbhWwv2FT1ZRttDmY3CMLMLch
lT3XSPT6HVjW3So9iRFKCKM3POChZXGWPC8+IPTNMn0VA6MQMlT82doXmjzFAyvw
SRtEbAX5RyC9+BJNdKsaykPo0gCKTlLmEQopzoqjBhg85LMv4njQF31lSbEvAgMB
AAGjggGlMIIBoTAdBgNVHQ4EFgQUbLY7uO4RrYg6P97KTzyP5DAoXnMwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMzMjUxOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS0LaDANBgkq
hkiG9w0BAQsFAAOCAQEAeXUI5hs3V0vmhp10nqUQVGElWz2PkHhICpzXuzm16U8L
JLD83UW+oC0Vk3IB20EaZoqgiUE5vBwEno+actjXj9637fuvix9pLgF3ucLeFa0N
nlQzRKnE2+mU4/3CX6zfrX52dTCvb3qKvLnuTPCjy05+aRfyTaAid+/qJeDzmd9H
iRI08RVoEkgLEpUbGcM0JWgMU+MwAid+7ga+mhI3ULHm31N43s2Ck9ZZXiSkXCQw
pNaRPUqQb0Udy+yQhcJxAChIGikrHfd7FaHyD6vmsuvoNUlbsHKrP8ww7a5Kcp4F
Ye6drVpOHCURpbzuLQkjSBu8M/xi8+KLghpB3KWCjw==
-----END CERTIFICATE-----